Due to the fast growth of Information technology, the computer and internet usage is also increasing simultaneously. Along with the popularity of Internet usage, threats are also increasing. IT related Risk is a relatively new term introduced to increase the awareness about information security. IT Risk or IT Related risk can be a product of threat and vulnerability induced by spammers and is one of the multitude threats related to the usage of computer and internet. Due to the increased use of computer and internet, there is chance of stealing personal informations; confidential matters etc that are placed in the web by the users. The hackers crack these informations for manipulations, fraudulent activities etc which may affect the users as well as the society. Hackers use multiple methods to invade the web to steal these informations. These include Phishing, Pharming, Typosqatting, DNS cache poisoning, Mouse trapping, Page hijacking, Introduction of malicious codes, Email Spoofing, Domain hijacking, Domain name Spoofing, Spamdexing etc.
Phishing is the high-tech form of Internet piracy in which the phisher steals the personal and confidential informations like bank account, passwords, credit card number, personal details etc related to bank transactions. This is an advanced form of high tech Phishing known as Social Engineering which is the method of manipulating the people into performing action by taking them into confidence.
The Phisher use the informations of the online banking to withdraw money from the victim’s account or run up bills using the credit card. Phishers take the advantage of the software and security weakness of the account holders. Since the user keeps the account number and other bank details secrete, the phisher uses tricks to get the details from the user.
Pharming refers to the attack of a web hacker aimed to direct the traffic of website to a bogus web site. The hacker performs the Pharming by changing the host file of the computer or hacking the DNS server software. DNS server performs the function of resolving the internet names into the real address. Hackers use both Pharming and Phishing together for online identity theft. Antivirus programmes cannot do anything in Pharming so that a sophisticated antifarming software is necessary to fight against Phishing and Pharming. Phamers use malicious codes like worms, Trojans, spy ware etc to modify the host file in the computer and DNS cache poisoning.
When we log on to a trusted website by typing its URL in the address bar, the DNS server maps this address into an IP address which can be easily recognized by the computer. If all are OK, the browser will connect the user computer to the trusted website. But when the computer is under the control of the hacker, the IP address will be modified so as to direct the user computer to the bogus website.
This is the email activity in which the address and other details of the email are altered to make it fraudulent. The word Spoof means Innocent Parody. But to avoid confusion and to intimate the seriousness of the fraudulent activity, banks and other agencies use the terms Phishing or Fraudulent to such malicious activities. Spoofing is used to indicate Spam and Phishing emails that hide the details of its origin. Although the email has a sender address, it is coming from a different source which can be of malicious origin. Sometimes the Spammer gives his address in the Reply to field so by giving the reply, the spammer will track the details of the email.
It is the form of URL Hijacking when the user makes mistakes like typographical errors when giving a web address in the address bar. When the user makes the mistake in typing the web address, he may enter into a fake address owned by the cyber squatter.
It is the deliberate manipulation of the search engine index. Spamdexing is also known as Web spam, Search spam etc. The activity of Spamdexing involves methods like repeating unrelated phrases to manipulate the resources indexed. Many search engines have the ability to check the Spamdexing and remove the suspected web pages from the index. Search engines use Algorithms to index the contents based on ranking. This may be done by identifying the Meta key words, Tags, body text, URL etc. Spamdexing may be content spam and Link spam.
Mousetrapping is the method used by some websites to keep the browsers always in their websites by giving continuous pop ups or making the window permanent which cannot be closed. Occasionally the window remains static so that the browsers menu becomes inaccessible. These Mouse trappers also hijack and reset the home page to keep their page as default home page. To overcome the Mousetrapping, use the key board shortcut such as Alt+F4 to close the window instead of using the mouse to close the page. The advantage of this shortcut is that, all the popup windows can be closed quickly. Sometimes this trick will not act if there is a virus or Resident Programme works along with Mousetrapping. Mousetrapping is usually done by some Pornographic sites and Advertisement agencies.
This is a form of Web Hijacking in which the user is deliberately directed to a web page. Suppose we use a key word to search a topic or an article for purchase, sometimes the browser will show the result as page cannot be displayed. The page hijacker will create a webpage exactly similar to the genuine website with a redirection script to direct the browsers to his website. When the user uses the same key words, a page appears showing similar pages for clicking. When the user clicks on the link, he will be directed to the spammer’s website. This form of page Hijacking is used by some competitors in the marketing field
DNS Cache poisoning
DNS (Domain Name system) in the server translates the domain name (………..com) into an IP Address (Internet Protocol) to contact with the internet resources. DNS cache poisoning occurs when a non authentic data is introduced into the DNS server. If the DNS server is poisoned, it may create an incorrect IP address and divert the traffic to another computer. So the user gets non authentic datas. It may be a deliberate malicious attack on the web or due to the misconfiguration of a DNS server using improper software. When the DNS server gets a non authentic data and caches its performance, the server is said to be poisoned. The attacker exploits the drawbacks in the software used in DNS server and spoofs the IP address DNS entries for a targeted website on the server and replace the authentic IP address DNS entries with the IP address of the server controlled by the attacker. The attacker then introduces malicious files that match with those of the target DNS server. Many secure DNS services use cryptographic electronic signatures signed with a trusted public key certificate to confirm the authenticity of datas.